Bar Raiser.← Home

Privacy Policy

Last updated: June 5, 2026

Bar Raiser ("we", "us", "our") provides an AI-powered career and interview coaching product available at bar-raiser.io (the "Service"). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over it. We aim to comply with the EU General Data Protection Regulation ("GDPR"), the UK GDPR, the California Consumer Privacy Act as amended by the CPRA ("CCPA/CPRA"), and other applicable privacy laws.

1. Who is the data controller?

Bar Raiser is the controller of personal data processed through the Service. You can reach us about privacy matters at hello@bar-raiser.io.

2. Information we collect

We collect the following categories of personal information:

  • Account data: email address, name (if provided), authentication identifiers (e.g. Google sign-in identifiers).
  • Profile and content data: your resume, target role, answers, journal entries, chat messages with the AI coach, and other content you submit to the Service.
  • Billing data: if you start a paid plan or trial, our payment processor (Stripe) collects your payment method and billing details. We do not store full card numbers on our servers.
  • Usage and device data: pages viewed, features used, approximate location derived from IP, browser type, device type, and timestamps. We use this for security, debugging, and (with your consent) product analytics.
  • Cookies and similar technologies: see section 6.
  • Communications: if you contact us, we keep the message and our reply.

3. How we use your information

  • To provide, operate, and improve the Service.
  • To generate personalized interview questions, answers, plans, and coaching using AI models (see section 5).
  • To authenticate you and secure your account.
  • To process payments and manage subscriptions.
  • To send transactional emails (e.g. account, billing, security).
  • With your consent, to send marketing communications you can unsubscribe from at any time.
  • With your consent, to measure product usage and improve the Service via analytics tools.
  • To comply with legal obligations, prevent fraud, and enforce our terms.

4. Legal bases (GDPR / UK GDPR)

  • Contract: to provide the Service you signed up for.
  • Consent: for non-essential cookies, analytics, and marketing emails. You can withdraw consent at any time.
  • Legitimate interests: to keep the Service secure, prevent abuse, and improve core functionality.
  • Legal obligation: e.g. tax, accounting, and responding to lawful requests.

5. AI processing

When you use AI features, your inputs (such as your resume, answers, and chat messages) are sent to third-party AI providers (e.g. Google, OpenAI) via our backend in order to generate a response. We do not authorize these providers to use your content to train their public models. We do not sell your content.

6. Cookies and analytics

We use a small number of strictly necessary cookies to operate the Service (e.g. authentication, session state). These do not require consent.

With your consent, we also use:

  • Google Analytics / Google Tag Manager — to understand aggregate usage trends.
  • PostHog — for product analytics and session insights. Inputs are masked by default; we do not record card numbers or password fields.

You can accept or reject non-essential cookies via the banner shown on your first visit. You can change your choice at any time by clearing your browser storage for this site, which will re-show the banner.

7. Sharing your information

We share personal data only with:

  • Service providers (processors) acting on our instructions, including: Supabase (database, auth, storage), Stripe (payments), Google and OpenAI (AI inference), Google Analytics, PostHog (analytics), Resend or a similar provider (transactional email), and our hosting infrastructure.
  • Authorities when required by law or to protect rights, safety, or property.
  • A successor in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell your personal information.

8. International transfers

We and our processors may transfer personal data to countries outside your home jurisdiction, including the United States. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

9. Data retention

We keep your personal data for as long as your account is active and for a reasonable period afterward to comply with legal obligations, resolve disputes, and enforce agreements. When you delete your account, we delete or anonymize personal data within a reasonable period, except where retention is required by law (e.g. financial records).

10. Your rights

Depending on where you live, you may have the right to: access, correct, delete, or export your personal data; restrict or object to certain processing; withdraw consent; and lodge a complaint with your local data protection authority. California residents have additional rights under CCPA/CPRA, including the right to know, delete, correct, and opt out of "sharing" for cross-context behavioral advertising.

To exercise any of these rights, email hello@bar-raiser.io. We will respond within the timeframes required by applicable law (generally 30 days, extendable to 45 under CCPA).

11. Security

We use industry-standard safeguards including encryption in transit (HTTPS), encryption at rest, access controls, and audit logging. No system is 100% secure, but we work hard to protect your data.

12. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact us and we will delete it.

13. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will notify you by email or in-product notice. The "Last updated" date at the top reflects the current version.

14. Contact

Questions or requests? Email hello@bar-raiser.io.